package com.pancm.test.encrypt;

import java.security.*;
import java.security.spec.InvalidKeySpecException;  
import java.security.spec.PKCS8EncodedKeySpec;  
import java.security.spec.X509EncodedKeySpec;  
import java.util.Base64;  
import java.util.logging.Level;  
import java.util.logging.Logger;  

public class SignatureUtils {  

    private static final String SIGNATURE_ALGORITHM = "SHA256withRSA";  
    private static final String KEY_ALGORITHM = "RSA";  
    private static final String CHARSET = "UTF-8";  
    private static final Logger LOGGER = Logger.getLogger(SignatureUtils.class.getName());  

    public static String sign(String privateKeyBase64, String data) throws Exception {  
        try {  
            byte[] privateKeyBytes = Base64.getDecoder().decode(privateKeyBase64);  
            PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(privateKeyBytes);  
            KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);  
            PrivateKey privateKey = keyFactory.generatePrivate(keySpec);  

            Signature signature = Signature.getInstance(SIGNATURE_ALGORITHM);  
            signature.initSign(privateKey);  
            signature.update(data.getBytes(CHARSET));  
            byte[] signatureBytes = signature.sign();  
            return Base64.getEncoder().encodeToString(signatureBytes);  

        } catch (NoSuchAlgorithmException | InvalidKeySpecException | InvalidKeyException | SignatureException e) {  
            LOGGER.log(Level.SEVERE, "签名失败", e);  
            throw new Exception("签名失败: " + e.getMessage(), e);  
        } catch (IllegalArgumentException e) {  
            LOGGER.log(Level.SEVERE, "Base64 解码失败", e);  
            throw new Exception("Base64 解码失败: " + e.getMessage(), e);  
        }  
    }  

    public static boolean verify(String publicKeyBase64, String data, String signatureBase64) throws Exception {  
        try {  
            byte[] publicKeyBytes = Base64.getDecoder().decode(publicKeyBase64);  
            X509EncodedKeySpec keySpec = new X509EncodedKeySpec(publicKeyBytes);  
            KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);  
            PublicKey publicKey = keyFactory.generatePublic(keySpec);  

            Signature signature = Signature.getInstance(SIGNATURE_ALGORITHM);  
            signature.initVerify(publicKey);  
            signature.update(data.getBytes(CHARSET));  
            byte[] signatureBytes = Base64.getDecoder().decode(signatureBase64);  
            return signature.verify(signatureBytes);  

        } catch (NoSuchAlgorithmException | InvalidKeySpecException | InvalidKeyException | SignatureException e) {  
            LOGGER.log(Level.SEVERE, "验签失败", e);  
            throw new Exception("验签失败: " + e.getMessage(), e);  
        } catch (IllegalArgumentException e) {  
            LOGGER.log(Level.SEVERE, "Base64 解码失败", e);  
            throw new Exception("Base64 解码失败: " + e.getMessage(), e);  
        }  
    }  

    public static void main(String[] args) {
        String privateKeyBase64 = "";
        String publicKeyBase64 = "";
        String data = "123456";  

        try {  
            String signature = SignatureUtils.sign(privateKeyBase64, data);  
            System.out.println("签名: " + signature);  

            boolean isValid = SignatureUtils.verify(publicKeyBase64, data, signature);  
            System.out.println("签名是否有效: " + isValid);  

        } catch (Exception e) {  
            System.err.println("发生错误: " + e.getMessage());  
            e.printStackTrace();  
        }  
    }  
}  